CVE-2020-12300 - OpenCVE

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Intel	S2600cw2 S2600cw2 Firmware S2600cw2r S2600cw2r Firmware S2600cw2s S2600cw2s Firmware S2600cw2sr S2600cw2sr Firmware S2600cwt S2600cwt Firmware S2600cwtr S2600cwtr Firmware S2600cwts S2600cwts Firmware S2600cwtsr S2600cwtsr Firmware S2600kp S2600kp Firmware S2600kpf S2600kpf Firmware S2600kpfr S2600kpfr Firmware S2600kpr S2600kpr Firmware S2600kptr S2600kptr Firmware S2600tp S2600tp Firmware S2600tpf S2600tpf Firmware S2600tpfr S2600tpfr Firmware S2600tpnr S2600tpnr Firmware S2600tpr S2600tpr Firmware S2600wt2 S2600wt2 Firmware S2600wt2r S2600wt2r Firmware S2600wtt S2600wtt Firmware S2600wttr S2600wttr Firmware S2600wtts1r S2600wtts1r Firmware

Configuration 1 [-]

AND

cpe:2.3:h:intel:s2600cw2:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cw2_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:intel:s2600cw2s:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cw2s_firmware:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:intel:s2600cwt:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cwt_firmware:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:intel:s2600cwts:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cwts_firmware:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:intel:s2600cw2r:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cw2r_firmware:*:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:h:intel:s2600cw2sr:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cw2sr_firmware:*:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:h:intel:s2600cwtr:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cwtr_firmware:*:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:h:intel:s2600cwtsr:-:*:*:*:*:*:*:*

cpe:2.3:o:intel:s2600cwtsr_firmware:*:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:intel:s2600kp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600kp:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:intel:s2600kpf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600kpf:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:intel:s2600kpr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600kpr:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:intel:s2600kpfr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600kpfr:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:intel:s2600kptr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600kptr:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:intel:s2600tp_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600tp:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:intel:s2600tpf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600tpf:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:intel:s2600tpfr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600tpfr:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:intel:s2600tpnr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600tpnr:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:intel:s2600tpr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600tpr:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:intel:s2600wt2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wt2:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:intel:s2600wtt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wtt:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:intel:s2600wttr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wttr:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:intel:s2600wt2r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wt2r:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:intel:s2600wtts1r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:intel:s2600wtts1r:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://security.netapp.com/advisory/ntap-20200814-0001/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00367.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2020-08-13T03:25:52

Updated: 2024-08-04T11:56:50.465Z

Reserved: 2020-04-28T00:00:00

Link: CVE-2020-12300

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-08-13T04:15:13.053

Modified: 2020-08-19T17:52:33.940

Link: CVE-2020-12300

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object